WikiLeaks Releases Details on CIA Hacking Tools

WikiLeaks revealed on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA). The leak, dubbed “Vault 7,” apparently exposes the CIA’s vast hacking capabilities.

WikiLeaks said the files come from the CIA’s Center for Cyber Intelligence (CCI) in Langley, Virginia, and they have been circulating among former U.S. government hackers and contractors. One of these individuals provided the data to the whistleblower organization, which has called it “the largest intelligence publication in history.”

According to WikiLeaks, the files, dated between 2013 and 2016, include malware and exploits targeting the products of several major tech companies, including Apple, Google, Microsoft and Samsung. The leaked tools can allegedly be used to hack mobile devices, desktop computers, routers, smart TVs and other types of systems.

These pieces of software are said to have been developed by the CCI’s Engineering Development Group (EDG). WikiLeaks said the EDG develops, tests and provides support for backdoors, exploits, Trojans, viruses and other types of malware used by the CIA.

In addition to hacking tools developed by its own people, the agency allegedly obtained tools from British intelligence agencies (GCHQ and MI5), the NSA, the FBI and cyber arms contractors. For instance, the agency is said to have collaborated with MI5 on the development of a tool designed for spying on people through Samsung smart TVs.

The CIA allegedly has dozens of zero day exploits designed for targeting devices running Android, iOS, Windows, OS X and Linux. WikiLeaks claims some of these tools even allow the agency to bypass the encryption of secure messaging apps such as Signal, WhatsApp, and Telegram.

However, this does not necessarily mean these applications have been compromised – an attacker who has root access to a mobile device can often access messages exchanged via secure IM apps without the need to break the encryption.

WikiLeaks will not release the tools and exploits “until a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published.”

The files also appear to show that the CIA has developed tools designed for targeting the control systems of modern vehicles, multi-platform malware, and threats that add themselves to CDs and DVDs in order to jump air gaps.

Following the Edward Snowden leaks, the U.S. government has promised to disclose serious vulnerabilities that represent a high risk or affect a product that is widespread in critical infrastructure. If the files obtained by WikiLeaks are genuine, the CIA breached that commitment.

Eduard Kovacs is an international correspondent for SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.